Author: prabath
Date: Tue Dec 11 03:20:52 2007
New Revision: 10957
Log:
OpenID related functionality
Added:
branches/solutions/identity/openid-poc/modules/identity-provider/src/main/java/org/wso2/solutions/identity/openid/
branches/solutions/identity/openid-poc/modules/identity-provider/src/main/java/org/wso2/solutions/identity/openid/OpenIdProvider.java
Added:
branches/solutions/identity/openid-poc/modules/identity-provider/src/main/java/org/wso2/solutions/identity/openid/OpenIdProvider.java
==============================================================================
--- (empty file)
+++
branches/solutions/identity/openid-poc/modules/identity-provider/src/main/java/org/wso2/solutions/identity/openid/OpenIdProvider.java
Tue Dec 11 03:20:52 2007
@@ -0,0 +1,220 @@
+package org.wso2.solutions.identity.openid;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import javax.servlet.ServletOutputStream;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.wso2.solutions.identity.UserStore;
+import org.openid4java.message.AuthRequest;
+import org.openid4java.message.DirectError;
+import org.openid4java.message.Message;
+import org.openid4java.message.MessageExtension;
+import org.openid4java.message.ParameterList;
+import org.openid4java.message.ax.AxMessage;
+import org.openid4java.message.ax.FetchRequest;
+import org.openid4java.message.ax.FetchResponse;
+import org.openid4java.message.sreg.SRegMessage;
+import org.openid4java.message.sreg.SRegRequest;
+import org.openid4java.message.sreg.SRegResponse;
+import org.openid4java.server.ServerException;
+import org.openid4java.server.ServerManager;
+import org.wso2.solutions.identity.IdentityConstants;
+import org.wso2.solutions.identity.IdentityProviderException;
+
+
+public class OpenIdProvider {
+
+ // instantiate a ServerManager object
+ public static ServerManager manager = new ServerManager();
+
+ // configure the OpenID Provider's endpoint URL
+ static {
+ // TODO: remove hard-coded strings
+
manager.setOPEndpointUrl("https://localhost:12443/admin/server";);
+ }
+
+ public String processRequest(HttpServletRequest httpReq,
+ HttpServletResponse httpResp) throws Exception {
+
+ // extract the parameters from the request
+ ParameterList request = new
ParameterList(httpReq.getParameterMap());
+
+ String mode = request.hasParameter("openid.mode") ? request
+ .getParameterValue("openid.mode") : null;
+
+ Message response;
+ String responseText;
+
+ if ("associate".equals(mode)) {
+ // process an association request
+ response = manager.associationResponse(request);
+ responseText = response.keyValueFormEncoding();
+ } else if ("checkid_setup".equals(mode)
+ || "checkid_immediate".equals(mode)) {
+ // interact with the user and obtain data needed to
continue
+ List userData = userInteraction(request);
+
+ // TODO : do the authentication
+ Boolean authenticatedAndApproved = true;
+
+ String userSelectedClaimedId = (String) userData.get(0);
+ String nickName = (String) userData.get(1);
+ String fullName = (String) userData.get(2);
+ String email = (String) userData.get(3);
+
+ // process an authentication request
+ AuthRequest authReq =
AuthRequest.createAuthRequest(request,
+ manager.getRealmVerifier());
+
+ String opLocalId = null;
+
+ // if the user chose a different claimed_id than the
one in request
+ if (userSelectedClaimedId != null
+ &&
userSelectedClaimedId.equals(authReq.getClaimed())) {
+ // TODO: opLocalId =
lookupLocalId(userSelectedClaimedId);
+ }
+
+ response = manager.authResponse(request, opLocalId,
+ userSelectedClaimedId,
authenticatedAndApproved
+ .booleanValue());
+
+ if (response instanceof DirectError)
+ return directResponse(httpResp,
response.keyValueFormEncoding());
+ else {
+ if
(authReq.hasExtension(AxMessage.OPENID_NS_AX)) {
+ MessageExtension ext = authReq
+
.getExtension(AxMessage.OPENID_NS_AX);
+ if (ext instanceof FetchRequest) {
+ FetchRequest fetchReq =
(FetchRequest) ext;
+ Map required =
fetchReq.getAttributes(true);
+ // Map optional =
fetchReq.getAttributes(false);
+ if
(required.containsKey("email")) {
+ Map userDataExt = new
HashMap();
+ //
userDataExt.put("email", userData.get(3));
+
+ FetchResponse fetchResp
= FetchResponse
+
.createFetchResponse(fetchReq, userDataExt);
+ // (alternatively)
manually add attribute values
+
fetchResp.addAttribute("email",
+
"http://schema.openid.net/contact/email";,
+ email);
+
response.addExtension(fetchResp);
+ }
+ } else {
+ throw new
UnsupportedOperationException("TODO");
+ }
+ }
+ if
(authReq.hasExtension(SRegMessage.OPENID_NS_SREG)) {
+ MessageExtension ext = authReq
+
.getExtension(SRegMessage.OPENID_NS_SREG);
+ if (ext instanceof SRegRequest) {
+ SRegRequest sregReq =
(SRegRequest) ext;
+ List required =
sregReq.getAttributes(true);
+ // TODO: List optional =
sregReq.getAttributes(false);
+
+ // data released by the user
+ Map userDataSReg = new
HashMap();
+ SRegResponse sregResp =
SRegResponse
+
.createSRegResponse(sregReq, userDataSReg);
+
+ // TODO: use constants
+ if (required.contains("email"))
{
+
sregResp.addAttribute("email", email);
+ }
+
+ if
(required.contains("nickname")) {
+
sregResp.addAttribute("nickname", nickName);
+ }
+
+ if
(required.contains("fullname")) {
+
sregResp.addAttribute("fullname", fullName);
+ }
+
+ response.addExtension(sregResp);
+
+ } else {
+ throw new
UnsupportedOperationException("TODO");
+ }
+ }
+ // caller will need to decide which of the
following to use:
+
+ // option1: GET HTTP-redirect to the return_to
URL
+ return response.getDestinationUrl(true);
+ }
+ } else if ("check_authentication".equals(mode)) {
+ // processing a verification request ---
+ response = manager.verify(request);
+ responseText = response.keyValueFormEncoding();
+ } else {
+ // error response
+ response = DirectError.createDirectError("Unknown
request");
+ responseText = response.keyValueFormEncoding();
+ }
+
+ // return the result to the user
+ return responseText;
+ }
+
+ protected List userInteraction(ParameterList request)
+ throws ServerException, IdentityProviderException {
+
+ List back = new ArrayList();
+
+ UserStore userStore = null;
+ List claimList = null;
+ List users = null;
+ Map mapValues = null;
+
+ String openId = null;
+
+ openId = request.hasParameter("openid.identity") ? request
+ .getParameterValue("openid.identity") : null;
+
+ userStore = UserStore.getInstance();
+
+ users = userStore.getAllUserNames();
+
+ claimList = new ArrayList();
+ claimList.add(IdentityConstants.CLAIM_EMAIL_ADDRESS);
+ claimList.add(IdentityConstants.CLAIM_GIVEN_NAME);
+ claimList.add(IdentityConstants.CLAIM_SURNAME);
+ claimList.add(IdentityConstants.CLAIM_OPENID);
+
+ Iterator iterator = users.iterator();
+
+ while (iterator.hasNext()) {
+
+ String user = (String) iterator.next();
+ mapValues = userStore.getClaimValues(user, claimList);
+
+ if (mapValues != null && !mapValues.isEmpty()) {
+ if (openId.indexOf((String) mapValues
+
.get(IdentityConstants.CLAIM_OPENID)) >= 0) {
+
back.add(mapValues.get(IdentityConstants.CLAIM_OPENID));
+ back.add(user);
+
back.add(mapValues.get(IdentityConstants.CLAIM_SURNAME));
+ back.add(mapValues
+
.get(IdentityConstants.CLAIM_EMAIL_ADDRESS));
+ break;
+ }
+ }
+ }
+
+ return back;
+ }
+
+ private String directResponse(HttpServletResponse httpResp, String
response)
+ throws IOException {
+ ServletOutputStream os = httpResp.getOutputStream();
+ os.write(response.getBytes());
+ os.close();
+
+ return null;
+ }
+
+}
\ No newline at end of file
_______________________________________________
Identity-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/identity-dev
